Cybersecurity breaches can cause significant financial losses for organizations. Threat actors can engage in malicious activities such as stealing intellectual property (IP), holding systems hostage through ransomware attacks, or impersonating trusted entities to gain unauthorized access to networks. These breaches can also damage an organization’s reputation, leading to decreased competitiveness and lost revenue for businesses. Even the security incident response process can incur costs, diverting valuable IT support resources from other essential IT functions. To effectively address these threats, organizations must strategically focus their cybersecurity efforts on the types of attacks that are most likely to impact them and their specific industry.
Senior General Manager of Verizon Security Consulting Services.
Costly attack patterns
It is not realistic to eliminate all cybersecurity risks. Instead, organizations would do well to focus on the attack patterns that pose the biggest threats—those that are most likely to generate big sums of money for threat actors. Ransomware and pretexts are among those attack patterns. A ransomware attack costs an organization an average of more than $45,000, according to Verizon’s 2024 Data Breach Investigations Report (DBIR), and in some cases can even run into the millions. This attack pattern can put enormous pressure on organizations that cannot afford downtime. For these organizations, there is no good option. Either pay the ransom and lose money, or endure downtime trying to restore systems and lose money.
Pretexting is not only costly, it is also increasingly common, accounting for a quarter of financially motivated cyberattacks. It is often used to carry out business email compromise (BEC) attacks, which cost organizations an average of around $50,000. BEC attacks can be especially dangerous because they often target high-level executives, such as senior management, who typically have access to highly sensitive business information. You might assume that their accounts are the most secure, but that’s often not the case, as IT is more likely to make exceptions to the security protocol for them.
High risk industries
Industries with critical infrastructure or sensitive information are often high-value targets for threat actors. As mentioned in the previous section, ransomware can be especially devastating in this case.
For example, a manufacturer cannot afford to have a production line in its factory idle for an extended period. The impact can cascade through the supply chain, and costs can grow exponentially. It can affect a manufacturer’s relationships with suppliers and retailers, which can erode its position in the industry. As these effects mount, a manufacturer will likely feel increasing pressure to pay the ransom. A new revision of the NIS2 directive is meant to impose better security of networks and information systems within critical companies. The scope of application now extends to additional nation-critical (essential and important) entities (organizations with more than 50 employees).
Hospitals and other healthcare organizations face a dual threat: confidential patient information falling into the wrong hands and hacking of critical, life-saving medical equipment such as infusion pumps. Leaked patient records can wreak havoc on a healthcare organization’s reputation, while compromised medical equipment can force a hospital to pay a ransom so that its patients’ health is not threatened.
The threat of human error
Often, threat actors have unwitting accomplices: a company’s employees. More than two-thirds (68%) of breaches are caused by non-malicious human error (DBIR), such as when an employee accidentally clicks on a malicious email or text link, causing a security breach. Employees can be fooled through pretexting tactics, resulting in a BEC attack. Sometimes they are not even victims of a cyberattack. They simply send sensitive information to the wrong email address, such as a healthcare worker sending sensitive patient information to an unintended recipient.
Mitigate financial risk of breaches
To help mitigate the financial risk of security breaches, an organization should identify the most common and most destructive threats (especially those with the highest potential financial cost). As a manufacturer, the worst-case scenario may be that a production line is held hostage by a threat actor. Preparing for this scenario requires a contingency plan that includes disaster recovery, which can also apply to catastrophic events. In a hospital environment, misdelivery is a common culprit: healthcare workers send an email to the wrong address, as mentioned above. Improved access controls can help prevent these and other errors.
In debates about digital identities, non-human identities (NHI) are often overlooked and marginalized. NHIs cover a wide range of digital identities linked to applications, services and machines. These include bots, OAuth tokens, API keys, and service accounts: credentials that allow machines to authenticate, access resources, and communicate with each other in both critical and non-critical environments. Organizations in this field should carefully consider the management of companies that provide comprehensive coverage to enable effective protections that minimize risk exposure.
Since exploiting human error is often the path for threat actors, training the workforce on cybersecurity best practices and the attack patterns they are most likely to see can go a long way toward reducing organizational exposure, but employee training alone is not enough. To reduce the financial cost of security breaches, organizations must invest in robust threat detection and perimeter security solutions. They say it takes money to make money. Well, it also takes money to save money.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we feature the best and brightest minds in today’s tech industry. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.